<?php


// Refuse direct access: this file is only meant to run after the framework
// bootstrap has defined G_IN_SYSTEM.
if (!defined('G_IN_SYSTEM')) {
    exit('No permission resources.');
}

// Load the application base class without instantiating it
// (presumably what the third argument 'no' means — confirm against System).
System::load_app_class('base', null, 'no');

// Function libraries used by this controller; the _check*/_send*/_encrypt
// helpers called below are not defined in this file.
System::load_app_fun('user', 'go');
System::load_app_fun('my', 'go');

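/**
 * Password-recovery controller: looks an account up by mobile number or
 * e-mail address, delivers a verification code (SMS) or a reset link
 * (e-mail), and finally stores the new password.
 *
 * Local variables such as $title, $time, $enname and $emailurl are kept even
 * where the method itself never reads them, because `include templates(...)`
 * runs the template in the method's scope.
 *
 * NOTE(review): every query in this class is built by interpolating values
 * into the SQL string. The values come from $_POST or from a URL segment
 * decoded with _encrypt(..., 'DECODE'), so their safety rests entirely on
 * _checkmobile()/_checkemail() and on the secrecy of the _encrypt() key.
 * Switch to the DB layer's parameter binding or escaping; that API is not
 * visible in this file, so the queries are left as they were.
 *
 * NOTE(review): rows are addressed as `uid`='$member[id]' in most methods but
 * as `uid`='$info[uid]' in findemailcheck(). Confirm which column the member
 * table really exposes; if there is no `id` column the UPDATEs match nothing.
 *
 * NOTE(review): the control flow assumes _message() ends the request.
 */
class finduser extends SystemAction
{
    public function __construct()
    {
    }

    /**
     * Entry form of the recovery flow.
     *
     * On submit, classifies the posted account name as a mobile number or an
     * e-mail address, checks that such a member exists and redirects to the
     * matching find{mobile,email}check step with the encrypted name in the URL.
     * Otherwise renders the 'findpassword' template.
     */
    public function findpassword()
    {
        if (isset($_POST['submit'])) {
            // Accept scalar strings only; an array value would be interpolated as "Array".
            $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

            // NOTE(review): this value is read but never compared with anything
            // in this method. If it is meant to be a captcha, it is not enforced here.
            $txtRegSN = strtoupper(
                (isset($_POST['txtRegSN']) && is_string($_POST['txtRegSN'])) ? $_POST['txtRegSN'] : ''
            );

            $regtype = null;

            if (_checkmobile($name)) {
                $regtype = 'mobile';
            }

            if (_checkemail($name)) {
                $regtype = 'email';
            }

            if ($regtype === null) {
                _message('帐号类型不正确!', null, 3);
            }

            // NOTE(review): $name reaches the SQL text unescaped; see the class comment.
            // NOTE(review): the distinct "account does not exist" answer below lets a
            // caller learn which accounts are registered; consider a uniform response.
            $info = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE $regtype = '$name' LIMIT 1");

            if (!$info) {
                _message('帐号不存在');
            }

            header('location:'.WEB_PATH.'/member/finduser/find'.$regtype.'check'.'/'._encrypt($name));

            // Stop here so the form template is not rendered after the redirect header.
            exit;
        }

        $title = '找回密码';

        include templates('user', 'findpassword');
    }

    /**
     * Mobile flow: re-send the SMS verification code.
     *
     * A new code is generated and sent only when more than 120 seconds have
     * passed since the stored timestamp; otherwise the user is sent back with
     * a "wait two minutes" message.
     */
    public function findsendmobile()
    {
        $name = _encrypt($this->segment(4), 'DECODE');

        $member = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE `mobile` = '$name' LIMIT 1");

        if (!$member) {
            _message('参数不正确!');
        }

        // NOTE(review): the resend throttle reads `mobilecode`, but this flow stores
        // its code and timestamp in `passcode` (see the UPDATE below). Unless
        // something else refreshes `mobilecode`, the two-minute limit is not
        // actually enforced — confirm which column was intended.
        $checkcode = explode('|', (string) $member['mobilecode']);

        // A missing timestamp counts as 0, i.e. "long ago", as before.
        $times = time() - (isset($checkcode[1]) ? $checkcode[1] : 0);

        if ($times > 120) {

            // Re-issue the verification code. Use the CSPRNG where available:
            // rand() output is predictable and must not guard an account reset.
            $mobile_code = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);

            $mobile_time = time();

            $mobilecodes = $mobile_code.'|'.$mobile_time; // stored as "code|issued-at"

            $this->DB()->Query("UPDATE `@#_member` SET passcode='$mobilecodes' where `uid`='$member[id]'");

            $sendok = _sendmobile($name, $mobile_code);

            if ($sendok[0] != 1) {
                _message($sendok[1]);
            }

            _message('正在重新发送...', WEB_PATH.'/member/finduser/findmobilecheck/'._encrypt($member['mobile']), 2);
        } else {
            _message('重发时间间隔不能小于2分钟!', WEB_PATH.'/member/finduser/findmobilecheck/'._encrypt($member['mobile']));
        }
    }

    /**
     * Mobile flow: send the first code (when `passcode` is -1) and verify the
     * code the user types in.
     *
     * On a correct code the method stores `uid` and `ushell` in the session and
     * forwards to findok with an encrypted "mobile|code|time" token.
     */
    public function findmobilecheck()
    {
        $title = '手机找回密码';

        $time = 120;

        $namestr = $this->segment(4);

        $name = _encrypt($namestr, 'DECODE');

        if (strlen($name) != 11) {
            _message('参数错误！');
        }

        $member = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE `mobile` = '$name' LIMIT 1");

        if (!$member) {
            _message('参数不正确!');
        }

        if ($member['passcode'] == -1) {

            // No code outstanding: issue one, preferring the CSPRNG over rand().
            $randcode = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);

            $checkcodes = $randcode.'|'.time(); // stored as "code|issued-at"

            $this->DB()->Query("UPDATE `@#_member` SET passcode='$checkcodes' where `uid`='$member[id]'");

            $sendok = _sendmobile($name, $randcode);

            if ($sendok[0] != 1) {
                _message($sendok[1]);
            }

            header('location:'.WEB_PATH.'/member/finduser/findmobilecheck/'._encrypt($member['mobile']));

            exit;
        }

        if (isset($_POST['submit'])) {
            $checkcodes = isset($_POST['checkcode']) ? $_POST['checkcode'] : _message('参数不正确!');

            // Reject non-string input (e.g. checkcode[]=...) before measuring it.
            if (!is_string($checkcodes) || strlen($checkcodes) != 6) {
                _message('验证码输入不正确!');
            }

            $usercode = explode('|', (string) $member['passcode']);

            // Strict string comparison: with != two numeric strings are compared as
            // numbers, so a differently written value could equal the stored code.
            // NOTE(review): nothing here limits the number of guesses or checks the
            // age of the code ($usercode[1]); a 6-digit code needs both.
            if ($checkcodes !== $usercode[0]) {
                _message('验证码输入不正确!');
            }

            $urlcheckcode = _encrypt($member['mobile'].'|'.$member['passcode']);

            // NOTE(review): these session values are written before the password has
            // been reset; if uid/ushell are what the site treats as "logged in",
            // the code alone grants a session — confirm that this is intended.
            _setsession('uid', _encrypt($member['id']));

            _setsession('ushell', _encrypt(md5($member['id'].$member['password'].$member['mobile'].$member['email'])));

            _message('手机验证成功', WEB_PATH.'/member/finduser/findok/'.$urlcheckcode, 2);
        }

        // Masked number for display: first three digits, four stars, the rest.
        $enname = substr($name, 0, 3).'****'.substr($name, 7, 10);

        $time = 120;

        include templates('user', 'findmobilecheck');
    }

    /**
     * E-mail flow: request a re-send.
     *
     * Resets `passcode` to -1 so that the next visit to findemailcheck issues
     * and mails a fresh link, then forwards there.
     *
     * NOTE(review): unlike the mobile flow there is no resend interval here.
     */
    public function findsendemail()
    {
        $name = _encrypt($this->segment(4), 'DECODE');

        $member = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE `email` = '$name' LIMIT 1");

        if (!$member) {
            _message('参数错误!');
        }

        $this->DB()->Query("UPDATE `@#_member` SET passcode='-1' where `uid`='$member[id]'");

        _message('正在重新发送...', WEB_PATH.'/member/finduser/findemailcheck/'.$this->segment(4), 2);

        exit;
    }

    /**
     * E-mail flow: when no code is outstanding (`passcode` is -1), create one,
     * store it and mail a findok link carrying the encrypted
     * "email|code|time" token; then render the 'findemailcheck' template.
     */
    public function findemailcheck()
    {
        $title = '通过邮箱找回密码';

        $enname = $this->segment(4);

        $name = _encrypt($this->segment(4), 'DECODE');

        $info = $this->DB()->GetOne("SELECT * FROM `@#_member` WHERE `email` = '$name' LIMIT 1");

        if (!$info) {
            _message('未知错误!');
        }

        $emailurl = explode('@', $info['email']);

        if ($info['passcode'] == -1) {
            // _getcode() is defined elsewhere; only its 'code' and 'time' keys are used.
            $passcode = _getcode(10);

            $passcode = $passcode['code'].'|'.$passcode['time']; // stored as "code|issued-at"

            $urlcheckcode = _encrypt($info['email'].'|'.$passcode);

            $url = WEB_PATH.'/member/finduser/findok/'.$urlcheckcode;

            $this->DB()->Query("UPDATE `@#_member` SET `passcode`='$passcode' where `uid`='$info[uid]'");

            $tit = _cfg('web_name').'邮箱找回密码';

            $content = '<span>请在24小时内激活邮件</span>，点击连接激活邮件：<a href="'.WEB_PATH.'/member/finduser/findok/'.$urlcheckcode.'">';

            $content .= $url;

            $content .= '</a>';

            _sendemail($info['email'], '', $tit, $content);
        }

        include templates('user', 'findemailcheck');
    }

    /**
     * Landing page of the reset link.
     *
     * Decodes the "account|code|time" token from the URL, requires a member
     * whose stored `passcode` equals "code|time", and shows the reset form if
     * the code is younger than 24 hours, the error page otherwise.
     */
    public function findok()
    {
        $key = $this->segment(4);

        if (empty($key)) {
            _message('未知错误');
        }

        $checkcode = explode('|', _encrypt($key, 'DECODE'));

        if (count($checkcode) != 3) {
            _message('未知错误', null, 3);
        }

        $emailurl = explode('@', $checkcode[0]);

        // An account containing '@' is an e-mail address, anything else a mobile
        // number. !empty() avoids the undefined-offset notice when there is no '@'.
        // NOTE(review): decoded token fields are interpolated into SQL unescaped.
        if (!empty($emailurl[1])) {
            $sql = "select * from `@#_member` where `email`='$checkcode[0]' AND `passcode`= '$checkcode[1]|$checkcode[2]' LIMIT 1";
        } else {
            $sql = "select * from `@#_member` where `mobile`='$checkcode[0]' AND `passcode`= '$checkcode[1]|$checkcode[2]' LIMIT 1";
        }

        $member = $this->DB()->GetOne($sql);

        if (!$member) {
            _message('帐号或验证码错误', null, 2);
        }

        $usercheck = explode('|', $member['passcode']);

        $timec = time() - $usercheck[1];

        if ($timec < (3600 * 24)) {
            $title = '重置密码';

            include templates('user', 'findok');
        } else {
            $title = '验证失败';

            include templates('user', 'finderror');
        }
    }

    /**
     * Stores the new password for the account named by the posted token.
     *
     * The token is validated as in findok(), including the 24-hour limit, and
     * `passcode` is set back to -1 so the token cannot be used a second time.
     *
     * NOTE(review): the password is stored as an unsalted md5() digest. Moving
     * to password_hash()/password_verify() requires changing the login code as
     * well, which is outside this file, so the format is kept.
     */
    public function resetpassword()
    {
        if (isset($_POST['submit'])) {
            $key = (isset($_POST['hidKey']) && is_string($_POST['hidKey'])) ? $_POST['hidKey'] : '';

            // Refuse a missing or empty password instead of storing md5('').
            if (!isset($_POST['userpassword']) || !is_string($_POST['userpassword']) || $_POST['userpassword'] === '') {
                _message('未知错误!');
            }

            $password = md5($_POST['userpassword']);

            $checkcode = explode('|', _encrypt($key, 'DECODE'));

            if (count($checkcode) != 3) {
                _message('未知错误', null, 3);
            }

            $emailurl = explode('@', $checkcode[0]);

            // NOTE(review): decoded token fields are interpolated into SQL unescaped.
            if (!empty($emailurl[1])) {
                $sql = "select * from `@#_member` where `email`='$checkcode[0]' AND `passcode`= '$checkcode[1]|$checkcode[2]' LIMIT 1";
            } else {
                $sql = "select * from `@#_member` where `mobile`='$checkcode[0]' AND `passcode`= '$checkcode[1]|$checkcode[2]' LIMIT 1";
            }

            $member = $this->DB()->GetOne($sql);

            if (!$member) {
                _message('未知错误!');
            }

            // Enforce the same 24-hour lifetime that findok() applies before showing
            // the form; without it an old token could still change the password by
            // posting here directly.
            $usercheck = explode('|', $member['passcode']);

            if (!isset($usercheck[1]) || !((time() - $usercheck[1]) < (3600 * 24))) {
                _message('未知错误!');
            }

            $this->DB()->Query("UPDATE `@#_member` SET `password`='$password',`passcode`='-1' where `uid`='$member[id]'");

            _message('密码重置成功', WEB_PATH.'/member/user/login');
        }
    }
}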
